Charlie White reports:
Jeffersonville is notifying city vendors and officials of a recurring “serious” data breach in which their names and addresses — and some Social Security numbers — were mistakenly e-mailed to city employees.
“Because this is a serious incident, we strongly encourage you to take preventative measures now to help prevent and detect any misuse of your information,” city Controller Amy Deering wrote in a letter dated Friday to the 311 affected vendors.
Each is being offered a year’s subscription to a credit monitoring service and identity-theft protection service, according to the letter.
Jeffersonville officials believe the email breach was recurring and began in 2001 as the city finance department began sending out its monthly list of vendor payments.
City Attorney Les Merkley — whose personal information was among those listed — said a new software program made Social Security numbers appear more prominently, which is what likely led a city employee to alert officials.
Merkley said he worked with Deering and information technology staff to delete the emails from city employee inboxes Friday and notify all of those affected.
Read more on courier-journal.com.